Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/2fbf83-b28b-4d36-b118-eb1086075167/1/WTd6Ylzj1Nqba1T-Bozz9TulmKw.roa
File: WTd6Ylzj1Nqba1T-Bozz9TulmKw.roa (raw, json)
Hash identifier: Or6hj5GM59py/cXqQxu/9v5V/ao+NfL/fdtvlUpuPtI=
Subject key identifier: 59:37:7A:62:5C:E3:D4:DA:9B:6B:54:FE:06:8C:F3:F5:3B:A5:98:AC
Certificate issuer: /CN=6827dc221544fc74215112a5812de196a2872e86
Certificate serial: 01862738581B97235459F6D4658A90B72F5B
Authority key identifier: 68:27:DC:22:15:44:FC:74:21:51:12:A5:81:2D:E1:96:A2:87:2E:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aCfcIhVE_HQhURKlgS3hlqKHLoY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/2fbf83-b28b-4d36-b118-eb1086075167/1/WTd6Ylzj1Nqba1T-Bozz9TulmKw.roa
Signing time: Mon 06 Feb 2023 14:54:09 +0000
ROA not before: Mon 06 Feb 2023 14:54:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3175
IP address blocks: 195.128.51.0/24 maxlen: 24
195.128.49.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:27:38:58:1b:97:23:54:59:f6:d4:65:8a:90:b7:2f:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6827dc221544fc74215112a5812de196a2872e86
Validity
Not Before: Feb 6 14:54:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=59377a625ce3d4da9b6b54fe068cf3f53ba598ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:bf:32:a1:57:9e:83:5a:3f:b9:c8:90:5b:e3:
d8:99:bf:af:4d:81:ff:1f:1b:15:3e:a7:c9:bf:4f:
c1:53:01:8c:35:ba:8a:93:be:96:29:c1:ff:3f:5f:
d3:a3:e3:16:b4:b9:43:d1:65:de:ef:73:20:6d:ea:
42:55:79:7c:9c:c9:9d:37:3a:51:b5:09:ac:c3:6b:
e2:58:c9:a4:25:78:67:f2:18:03:a2:b4:32:fa:8c:
28:e9:11:7f:99:61:a3:da:95:53:0e:ce:81:6a:03:
a7:0b:d5:4e:5f:43:7c:dd:4a:27:04:50:17:43:1c:
a3:84:5d:4b:af:0d:4c:61:d5:52:33:c4:ad:8a:d0:
b8:ba:06:91:a6:b8:f3:37:16:7d:bb:5a:fe:6b:fd:
7a:49:1e:74:a1:c1:5d:36:2e:ee:19:9f:99:61:20:
1c:c7:bc:5e:dc:26:30:4d:80:2c:2a:ae:4b:89:88:
21:9f:d2:ce:f7:e6:0a:de:af:02:16:66:04:87:e0:
8d:0b:70:bc:63:d1:ce:cd:00:8f:e4:cb:2f:6e:aa:
2d:39:b6:c6:a6:62:93:47:1f:0a:dc:38:ff:6a:63:
fe:6f:77:27:27:a2:46:a7:49:6e:69:e4:41:d7:b0:
34:12:18:b4:e5:d4:36:72:db:00:68:99:0e:2d:bc:
36:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:37:7A:62:5C:E3:D4:DA:9B:6B:54:FE:06:8C:F3:F5:3B:A5:98:AC
X509v3 Authority Key Identifier:
keyid:68:27:DC:22:15:44:FC:74:21:51:12:A5:81:2D:E1:96:A2:87:2E:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aCfcIhVE_HQhURKlgS3hlqKHLoY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/2fbf83-b28b-4d36-b118-eb1086075167/1/WTd6Ylzj1Nqba1T-Bozz9TulmKw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/2fbf83-b28b-4d36-b118-eb1086075167/1/aCfcIhVE_HQhURKlgS3hlqKHLoY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.128.49.0/24
195.128.51.0/24
Signature Algorithm: sha256WithRSAEncryption
06:c8:ed:aa:f7:d6:59:5a:37:d9:09:ca:15:e7:9d:31:55:6c:
95:59:35:8f:af:a3:3f:21:63:30:54:23:e7:15:e6:31:83:79:
be:77:21:8d:90:4a:2c:78:9f:fc:7f:ed:72:a4:57:1e:34:c5:
b2:af:c4:30:6b:57:30:10:db:e1:4d:78:a6:f8:0e:b7:eb:6a:
57:3a:27:cd:c3:97:91:6a:57:95:e2:b5:14:b6:2e:b4:f4:71:
51:54:ff:29:4a:2b:33:29:3c:86:2e:8a:4e:de:5c:d7:af:c9:
8f:c3:38:ba:57:9a:e1:f0:26:de:80:82:43:66:26:32:d2:00:
e2:37:5d:20:79:fa:de:07:f0:93:ad:45:d3:7a:40:11:68:21:
05:55:b6:6e:09:5e:1b:35:3e:44:51:99:32:25:1d:b3:70:be:
ac:95:40:a5:b5:d9:ca:7d:fa:6c:5c:2a:bc:b3:a4:f2:8e:20:
04:86:a3:3f:1b:91:16:06:65:a5:f0:11:d5:64:31:f4:90:d8:
63:07:53:f3:e8:fc:79:12:2c:34:7a:e8:f7:47:d0:e3:a3:a4:
a1:90:5e:7d:02:e5:73:21:04:28:ea:fc:c1:21:62:27:29:27:
57:8c:40:05:82:76:fd:6a:e9:3f:45:dd:b5:cb:01:15:df:19:
18:32:d8:60
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYYnOFgblyNUWfbUZYqQty9bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4MjdkYzIyMTU0NGZjNzQyMTUxMTJhNTgxMmRlMTk2YTI4
NzJlODYwHhcNMjMwMjA2MTQ1NDA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OTM3N2E2MjVjZTNkNGRhOWI2YjU0ZmUwNjhjZjNmNTNiYTU5OGFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzL8yoVeeg1o/uciQW+PYmb+vTYH/
HxsVPqfJv0/BUwGMNbqKk76WKcH/P1/To+MWtLlD0WXe73MgbepCVXl8nMmdNzpR
tQmsw2viWMmkJXhn8hgDorQy+owo6RF/mWGj2pVTDs6BagOnC9VOX0N83UonBFAX
QxyjhF1Lrw1MYdVSM8StitC4ugaRprjzNxZ9u1r+a/16SR50ocFdNi7uGZ+ZYSAc
x7xe3CYwTYAsKq5LiYghn9LO9+YK3q8CFmYEh+CNC3C8Y9HOzQCP5MsvbqotObbG
pmKTRx8K3Dj/amP+b3cnJ6JGp0luaeRB17A0Ehi05dQ2ctsAaJkOLbw2tQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFk3emJc49Tam2tU/gaM8/U7pZisMB8GA1UdIwQY
MBaAFGgn3CIVRPx0IVESpYEt4Zaihy6GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUNmY0loVkVfSFFoVVJLbGdTM2hscUtITG9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC8yZmJmODMtYjI4Yi00ZDM2LWIxMTgt
ZWIxMDg2MDc1MTY3LzEvV1RkNllsemoxTnFiYTFULUJveno5VHVsbUt3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC8yZmJmODMtYjI4Yi00ZDM2LWIxMTgtZWIxMDg2MDc1MTY3
LzEvYUNmY0loVkVfSFFoVVJLbGdTM2hscUtITG9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAw4AxAwQA
w4AzMA0GCSqGSIb3DQEBCwUAA4IBAQAGyO2q99ZZWjfZCcoV550xVWyVWTWPr6M/
IWMwVCPnFeYxg3m+dyGNkEoseJ/8f+1ypFceNMWyr8Qwa1cwENvhTXim+A6362pX
OifNw5eRaleV4rUUti609HFRVP8pSiszKTyGLopO3lzXr8mPwzi6V5rh8CbegIJD
ZiYy0gDiN10gefreB/CTrUXTekARaCEFVbZuCV4bNT5EUZkyJR2zcL6slUCltdnK
ffpsXCq8s6TyjiAEhqM/G5EWBmWl8BHVZDH0kNhjB1Pz6Px5Eiw0euj3R9Djo6Sh
kF59AuVzIQQo6vzBIWInKSdXjEAFgnb9auk/Rd21ywEV3xkYMthg
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:53 2024 by rpki-client on console-ams.rpki-client.org